示例#1
0
/**
* Display trackback comment submission form.
*
* @param    string  $target     URL to send the trackback comment to
* @param    string  $url        URL of our entry
* @param    string  $title      title of our entry
* @param    string  $excerpt    excerpt of our entry
* @param    string  $blog       name of our site
* @return   string              HTML for the trackback comment editor
*
*/
function trackback_editor($target = '', $url = '', $title = '', $excerpt = '', $blog = '')
{
    global $_CONF, $LANG_TRB;
    $retval = '';
    // show preview if we have at least the URL
    if (!empty($url)) {
        // filter them for the preview
        $p_title = TRB_filterTitle($title);
        $p_excerpt = TRB_filterExcerpt($excerpt);
        $p_blog = TRB_filterBlogname($blog);
        // MT and other weblogs will shorten the excerpt like this
        if (MBYTE_strlen($p_excerpt) > 255) {
            $p_excerpt = MBYTE_substr($p_excerpt, 0, 252) . '...';
        }
        $retval .= COM_startBlock($LANG_TRB['preview']);
        $preview = COM_newTemplate($_CONF['path_layout'] . 'trackback');
        $preview->set_file(array('comment' => 'trackbackcomment.thtml'));
        $comment = TRB_formatComment($url, $p_title, $p_blog, $p_excerpt);
        $preview->set_var('formatted_comment', $comment);
        $preview->parse('output', 'comment');
        $retval .= $preview->finish($preview->get_var('output'));
        $retval .= COM_endBlock();
    }
    if (empty($url) && empty($blog)) {
        $blog = htmlspecialchars($_CONF['site_name']);
    }
    $title = htmlspecialchars($title);
    $excerpt = htmlspecialchars($excerpt, ENT_NOQUOTES);
    $retval .= COM_startBlock($LANG_TRB['editor_title'], getHelpUrl() . '#trackback', COM_getBlockTemplate('_admin_block', 'header'));
    $template = COM_newTemplate($_CONF['path_layout'] . 'admin/trackback');
    $template->set_file(array('editor' => 'trackbackeditor.thtml'));
    $template->set_var('php_self', $_CONF['site_admin_url'] . '/trackback.php');
    if (empty($url) || empty($title)) {
        $template->set_var('lang_explain', $LANG_TRB['editor_intro_none']);
    } else {
        $template->set_var('lang_explain', sprintf($LANG_TRB['editor_intro'], $url, $title));
    }
    $template->set_var('lang_trackback_url', $LANG_TRB['trackback_url']);
    $template->set_var('lang_entry_url', $LANG_TRB['entry_url']);
    $template->set_var('lang_title', $LANG_TRB['entry_title']);
    $template->set_var('lang_blog_name', $LANG_TRB['blog_name']);
    $template->set_var('lang_excerpt', $LANG_TRB['excerpt']);
    $template->set_var('lang_excerpt_truncated', $LANG_TRB['truncate_warning']);
    $template->set_var('lang_send', $LANG_TRB['button_send']);
    $template->set_var('lang_preview', $LANG_TRB['button_preview']);
    $template->set_var('max_url_length', 255);
    $template->set_var('target_url', $target);
    $template->set_var('url', $url);
    $template->set_var('title', $title);
    $template->set_var('blog_name', $blog);
    $template->set_var('excerpt', $excerpt);
    $template->set_var('gltoken_name', CSRF_TOKEN);
    $template->set_var('gltoken', SEC_createToken());
    $template->parse('output', 'editor');
    $retval .= $template->finish($template->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}
示例#2
0
/**
* Send an email notification for a new submission.
*
* @param    string  $table  Table where the new submission can be found
* @param    string  $story  Story object that was submitted.
*
*/
function sendNotification($table, $story)
{
    global $_CONF, $_TABLES, $LANG01, $LANG08, $LANG24, $LANG29, $LANG_ADMIN;
    $title = COM_undoSpecialChars($story->displayElements('title'));
    if ($A['postmode'] == 'html') {
        $A['introtext'] = strip_tags($A['introtext']);
    }
    $introtext = COM_undoSpecialChars($story->displayElements('introtext') . "\n" . $story->displayElements('bodytext'));
    $storyauthor = COM_getDisplayName($story->displayelements('uid'));
    $topic = stripslashes(DB_getItem($_TABLES['topics'], 'topic', 'tid = \'' . $story->displayElements('tid') . '\''));
    $mailbody = "{$LANG08['31']}: {$title}\n" . "{$LANG24['7']}: {$storyauthor}\n" . "{$LANG08['32']}: " . strftime($_CONF['date']) . "\n" . "{$LANG_ADMIN['topic']}: {$topic}\n\n";
    if ($_CONF['emailstorieslength'] > 0) {
        if ($_CONF['emailstorieslength'] > 1) {
            $introtext = MBYTE_substr($introtext, 0, $_CONF['emailstorieslength']) . '...';
        }
        $mailbody .= $introtext . "\n\n";
    }
    if ($table == $_TABLES['storysubmission']) {
        $mailbody .= "{$LANG01['10']} <{$_CONF['site_admin_url']}/moderation.php>\n\n";
    } else {
        $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid());
        $mailbody .= $LANG08[33] . ' <' . $articleUrl . ">\n\n";
    }
    $mailsubject = $_CONF['site_name'] . ' ' . $LANG29[35];
    $mailbody .= "\n------------------------------\n";
    $mailbody .= "\n{$LANG08['34']}\n";
    $mailbody .= "\n------------------------------\n";
    COM_mail($_CONF['site_mail'], $mailsubject, $mailbody);
}
示例#3
0
/**
* Save a trackback (or pingback) comment.
*
* Also filters parameters and handles multiple trackbacks from the same source.
*
* Note: Spam check should have been done before calling this function.
*
* @param    string  $sid        entry id
* @param    string  $type       type of entry ('article' = story, etc.)
* @param    string  $url        URL of the trackback comment
* @param    string  $title      title of the comment (set to $url if empty)
* @param    string  $blog       name of the blog that sent the comment
* @param    string  $excerpt    excerpt from the comment
* @return   int                 < 0: error, > 0: ID of the trackback comment
*
*/
function TRB_saveTrackbackComment($sid, $type, $url, $title = '', $blog = '', $excerpt = '')
{
    global $_CONF, $_TABLES;
    $url = COM_applyFilter($url);
    $title = TRB_filterTitle($title);
    $blog = TRB_filterBlogname($blog);
    $excerpt = TRB_filterExcerpt($excerpt);
    // MT does that, so follow its example ...
    if (MBYTE_strlen($excerpt) > 255) {
        $excerpt = MBYTE_substr($excerpt, 0, 252) . '...';
    }
    $title = str_replace(array('$', '{', '}'), array('&#36;', '&#123;', '&#126;'), $title);
    $excerpt = str_replace(array('$', '{', '}'), array('&#36;', '&#123;', '&#126;'), $excerpt);
    $blog = str_replace(array('$', '{', '}'), array('&#36;', '&#123;', '&#126;'), $blog);
    $url = DB_escapeString($url);
    $title = DB_escapeString($title);
    $blog = DB_escapeString($blog);
    $excerpt = DB_escapeString($excerpt);
    if ($_CONF['multiple_trackbacks'] == 0) {
        // multiple trackbacks not allowed - check if we have this one already
        if (DB_count($_TABLES['trackback'], array('url', 'sid', 'type'), array($url, $sid, $type)) >= 1) {
            return TRB_SAVE_REJECT;
        }
    } else {
        if ($_CONF['multiple_trackbacks'] == 1) {
            // delete any earlier trackbacks from the same URL
            DB_delete($_TABLES['trackback'], array('url', 'sid', 'type'), array($url, $sid, $type));
        }
    }
    // else: multiple trackbacks allowed
    DB_save($_TABLES['trackback'], 'sid,url,title,blog,excerpt,date,type,ipaddress', "'{$sid}','{$url}','{$title}','{$blog}','{$excerpt}',NOW(),'{$type}','{$_SERVER['REMOTE_ADDR']}'");
    $comment_id = DB_insertId();
    if ($type == 'article') {
        DB_query("UPDATE {$_TABLES['stories']} SET trackbacks = trackbacks + 1 WHERE (sid = '{$sid}')");
    }
    return $comment_id;
}
示例#4
0
/**
* Returns an abbreviated day's name
*
* @param    int     $day    1 = Sunday, 2 = Monday, ...
* @return   string          abbreviated day's name (2 characters)
*
*
*/
function shortDaysName($day)
{
    global $LANG_WEEK;
    return MBYTE_substr($LANG_WEEK[$day], 0, 2);
}
示例#5
0
/**
* Truncate a string
*
* Truncates a string to a max. length and optionally adds a filler string,
* e.g. '...', to indicate the truncation.
* This function is multi-byte string aware, based on a patch by Yusuke Sakata.
*
* NOTE: The truncated string may be shorter but will never be longer than
*       $maxlen characters, i.e. the $filler string is taken into account.
*
* @param    string  $text       the text string to truncate
* @param    int     $maxlen     max. number of characters in the truncated string
* @param    string  $filler     optional filler string, e.g. '...'
* @param    int     $endchars   number of characters to show after the filler
* @return   string              truncated string
*
*/
function COM_truncate($text, $maxlen, $filler = '', $endchars = 0)
{
    $newlen = $maxlen - MBYTE_strlen($filler);
    $len = MBYTE_strlen($text);
    if ($len > $maxlen) {
        $text = MBYTE_substr($text, 0, $newlen - $endchars) . $filler . MBYTE_substr($text, $len - $endchars, $endchars);
    }
    return $text;
}
示例#6
0
/**
* Create an excerpt from some piece of HTML containing a given URL
*
* This somewhat convoluted piece of code will extract the text around a
* given link located somewhere in the given piece of HTML. It returns
* the actual link text plus some of the text before and after the link.
*
* NOTE:     Returns an empty string when $url is not found in $html.
*
* @param    string  $html   The piece of HTML to search through
* @param    string  $url    URL that should be contained in $html somewhere
* @param    int     $xlen   Max. length of excerpt (default: 255 characters)
* @return   string          Extract: The link text and some surrounding text
*
*/
function PNB_makeExcerpt($html, $url, $xlen = 255)
{
    $retval = '';
    // the excerpt will come out as
    // [...] before linktext after [...]
    $fill_start = '[...] ';
    $fill_end = ' [...]';
    $f1len = MBYTE_strlen($fill_start);
    $f2len = MBYTE_strlen($fill_end);
    // extract all links
    preg_match_all("/<a[^>]*href=[\"']([^\"']*)[\"'][^>]*>(.*?)<\\/a>/i", $html, $matches);
    $before = '';
    $after = '';
    $linktext = '';
    $num_matches = count($matches[0]);
    for ($i = 0; $i < $num_matches; $i++) {
        if ($matches[1][$i] == $url) {
            $pos = MBYTE_strpos($html, $matches[0][$i]);
            $before = COM_getTextContent(MBYTE_substr($html, 0, $pos));
            $pos += MBYTE_strlen($matches[0][$i]);
            $after = COM_getTextContent(MBYTE_substr($html, $pos));
            $linktext = COM_getTextContent($matches[2][$i]);
            break;
        }
    }
    $tlen = MBYTE_strlen($linktext);
    if ($tlen >= $xlen) {
        // Special case: The actual link text is already longer (or as long) as
        // requested. We don't use the "fillers" here but only return the
        // (shortened) link text itself.
        if ($tlen > $xlen) {
            $retval = MBYTE_substr($linktext, 0, $xlen - 3) . '...';
        } else {
            $retval = $linktext;
        }
    } else {
        if (!empty($before)) {
            $tlen++;
        }
        if (!empty($after)) {
            $tlen++;
        }
        // make "before" and "after" text have equal length
        $rest = ($xlen - $tlen) / 2;
        // format "before" text
        $blen = MBYTE_strlen($before);
        if ($blen < $rest) {
            // if "before" text is too short, make "after" text longer
            $rest += $rest - $blen;
            $retval .= $before;
        } else {
            if ($blen > $rest) {
                $work = MBYTE_substr($before, -($rest * 2));
                $w = explode(' ', $work);
                array_shift($w);
                // drop first word, as it's probably truncated
                $w = array_reverse($w);
                $fill = $rest - $f1len;
                $b = '';
                foreach ($w as $word) {
                    if (MBYTE_strlen($b) + MBYTE_strlen($word) + 1 > $fill) {
                        break;
                    }
                    $b = $word . ' ' . $b;
                }
                $b = trim($b);
                $retval .= $fill_start . $b;
                $blen = MBYTE_strlen($b);
                if ($blen < $fill) {
                    $rest += $fill - $blen;
                }
            }
        }
        // actual link text
        if (!empty($before)) {
            $retval .= ' ';
        }
        $retval .= $linktext;
        if (!empty($after)) {
            $retval .= ' ';
        }
        // format "after" text
        if (!empty($after)) {
            $alen = MBYTE_strlen($after);
            if ($alen > $rest) {
                $work = MBYTE_substr($after, 0, $rest * 2);
                $w = explode(' ', $work);
                array_pop($w);
                // drop last word, as it's probably truncated
                $fill = $rest - $f2len;
                $a = '';
                foreach ($w as $word) {
                    if (MBYTE_strlen($a) + MBYTE_strlen($word) + 1 > $fill) {
                        break;
                    }
                    $a .= $word . ' ';
                }
                $retval .= trim($a) . $fill_end;
            }
        }
    }
    return $retval;
}
示例#7
0
/**
* Truncate a string
*
* Truncates a string to a max. length and optionally adds a filler string,
* e.g. '...', to indicate the truncation.
* This function is multi-byte string aware, based on a patch by Yusuke Sakata.
*
* NOTE: The truncated string may be shorter but will never be longer than
*       $maxlen characters, i.e. the $filler string is taken into account.
*
* @param    string  $text       the text string to truncate
* @param    int     $maxlen     max. number of characters in the truncated string
* @param    string  $filler     optional filler string, e.g. '...'
* @param    int     $endchars   number of characters to show after the filler
* @return   string              truncated string
*
*/
function COM_truncate($text, $maxlen, $filler = '', $endchars = 0)
{
    $newlen = $maxlen - MBYTE_strlen($filler);
    if ($newlen <= 0) {
        $text = MBYTE_substr($text, 0, $maxlen);
    }
    $len = MBYTE_strlen($text);
    if ($len > $maxlen) {
        $startchars = $newlen - $endchars;
        if ($startchars < $endchars) {
            $text = MBYTE_substr($text, 0, $newlen) . $filler;
        } else {
            $text = MBYTE_substr($text, 0, $newlen - $endchars) . $filler . MBYTE_substr($text, $len - $endchars, $endchars);
        }
    }
    return $text;
}
示例#8
0
 /**
  * Unescapes certain HTML for editing again.
  *
  * @access Private
  * @param   string  $in Text escaped to unescape for editing
  * @return  string  Unescaped string
  */
 function _editUnescape($in)
 {
     if ($this->_postmode == 'html' || $this->_postmode == 'wikitext') {
         /* Raw and code blocks need entity decoding. Other areas do not.
          * otherwise, annoyingly, &lt; will end up as < on preview 1, on
          * preview 2 it'll be stripped by KSES. Can't beleive I missed that
          * in rewrite phase 1.
          *
          * First, raw
          */
         $inlower = MBYTE_strtolower($in);
         $buffer = $in;
         $start_pos = MBYTE_strpos($inlower, '[raw]');
         if ($start_pos !== false) {
             $out = '';
             while ($start_pos !== false) {
                 /* Copy in to start to out */
                 $out .= MBYTE_substr($buffer, 0, $start_pos);
                 /* Find end */
                 $end_pos = MBYTE_strpos($inlower, '[/raw]');
                 if ($end_pos !== false) {
                     /* Encode body and append to out */
                     $encoded = html_entity_decode(MBYTE_substr($buffer, $start_pos, $end_pos - $start_pos));
                     $out .= $encoded . '[/raw]';
                     /* Nibble in */
                     $inlower = MBYTE_substr($inlower, $end_pos + 6);
                     $buffer = MBYTE_substr($buffer, $end_pos + 6);
                 } else {
                     // missing [/raw]
                     // Treat the remainder as code, but this should have been
                     // checked prior to calling:
                     $out .= html_entity_decode(MBYTE_substr($buffer, $start_pos + 5));
                     $inlower = '';
                 }
                 $start_pos = MBYTE_strpos($inlower, '[raw]');
             }
             // Append remainder:
             if ($buffer != '') {
                 $out .= $buffer;
             }
             $in = $out;
         }
         /*
          * Then, code
          */
         $inlower = MBYTE_strtolower($in);
         $buffer = $in;
         $start_pos = MBYTE_strpos($inlower, '[code]');
         if ($start_pos !== false) {
             $out = '';
             while ($start_pos !== false) {
                 /* Copy in to start to out */
                 $out .= MBYTE_substr($buffer, 0, $start_pos);
                 /* Find end */
                 $end_pos = MBYTE_strpos($inlower, '[/code]');
                 if ($end_pos !== false) {
                     /* Encode body and append to out */
                     $encoded = html_entity_decode(MBYTE_substr($buffer, $start_pos, $end_pos - $start_pos));
                     $out .= $encoded . '[/code]';
                     /* Nibble in */
                     $inlower = MBYTE_substr($inlower, $end_pos + 7);
                     $buffer = MBYTE_substr($buffer, $end_pos + 7);
                 } else {
                     // missing [/code]
                     // Treat the remainder as code, but this should have been
                     // checked prior to calling:
                     $out .= html_entity_decode(MBYTE_substr($buffer, $start_pos + 6));
                     $inlower = '';
                 }
                 $start_pos = MBYTE_strpos($inlower, '[code]');
             }
             // Append remainder:
             if ($buffer != '') {
                 $out .= $buffer;
             }
             $in = $out;
         }
         return $in;
     } else {
         // advanced editor or plaintext can handle themselves...
         return $in;
     }
 }
示例#9
0
/**
* Send an email notification for a new submission.
*
* @param    string  $table  Table where the new submission can be found
* @param    string  $story  Story object that was submitted.
*
*/
function sendNotification($table, $story)
{
    global $_CONF, $_USER, $_TABLES, $LANG01, $LANG08, $LANG24, $LANG29, $LANG_ADMIN;
    $dt = new Date('now', $_USER['tzid']);
    $title = COM_undoSpecialChars($story->displayElements('title'));
    $postmode = $story->displayElements('postmode');
    $introtext = COM_undoSpecialChars($story->displayElements('introtext') . "\n" . $story->displayElements('bodytext'));
    if ($postmode == 'html') {
        USES_lib_html2text();
        $introtext = str_replace("\\r", "", $introtext);
        $introtext = $introtext;
        $html2txt = new html2text($introtext, false);
        $introtext = trim($html2txt->get_text());
    }
    $storyauthor = COM_getDisplayName($story->displayelements('uid'));
    $topic = DB_getItem($_TABLES['topics'], 'topic', 'tid = \'' . DB_escapeString($story->displayElements('tid')) . '\'');
    $mailbody = "{$LANG08['31']}: {$title}\n" . "{$LANG24['7']}: {$storyauthor}\n" . "{$LANG08['32']}: " . $dt->format($_CONF['date'], true) . "\n" . "{$LANG_ADMIN['topic']}: {$topic}\n\n";
    if ($_CONF['emailstorieslength'] > 0) {
        if ($_CONF['emailstorieslength'] > 1) {
            $introtext = MBYTE_substr($introtext, 0, $_CONF['emailstorieslength']) . '...';
        }
        $mailbody .= $introtext . "\n\n";
    }
    if ($table == $_TABLES['storysubmission']) {
        $mailbody .= "{$LANG01['10']} <{$_CONF['site_admin_url']}/moderation.php>\n\n";
    } else {
        $articleUrl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $story->getSid());
        $mailbody .= $LANG08[33] . ' <' . $articleUrl . ">\n\n";
    }
    $mailsubject = $_CONF['site_name'] . ' ' . $LANG29[35];
    $mailbody .= "\n------------------------------\n";
    $mailbody .= "\n{$LANG08['34']}\n";
    $mailbody .= "\n------------------------------\n";
    $to = array();
    $to = COM_formatEmailAddress('', $_CONF['site_mail']);
    COM_mail($to, $mailsubject, $mailbody);
}
示例#10
0
/**
* Send report about abusive comment
*
* @param    string  $cid    comment id
* @param    string  $type   type of comment ('article', 'polls', ...)
* @return   string          Meta refresh or HTML for error message
*
*/
function CMT_sendReport($cid, $type)
{
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG08;
    if (COM_isAnonUser()) {
        $retval = SEC_loginRequiredForm();
        $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG03[27]));
        return $retval;
    }
    COM_clearSpeedlimit($_CONF['speedlimit'], 'mail');
    if (COM_checkSpeedlimit('mail') > 0) {
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }
    $username = DB_getItem($_TABLES['users'], 'username', "uid = {$_USER['uid']}");
    $result = DB_query("SELECT uid,title,comment,sid,ipaddress FROM {$_TABLES['comments']} WHERE cid = {$cid} AND type = '{$type}'");
    $A = DB_fetchArray($result);
    $title = stripslashes($A['title']);
    $comment = stripslashes($A['comment']);
    // strip HTML if posted in HTML mode
    if (preg_match('/<.*>/', $comment) != 0) {
        $comment = strip_tags($comment);
    }
    $author = COM_getDisplayName($A['uid']);
    if ($A['uid'] <= 1 && !empty($A['ipaddress'])) {
        // add IP address for anonymous posters
        $author .= ' (' . $A['ipaddress'] . ')';
    }
    $mailbody = sprintf($LANG03[26], $username);
    $mailbody .= "\n\n" . "{$LANG03['16']}: {$title}\n" . "{$LANG03['5']}: {$author}\n";
    if ($type != 'article') {
        $mailbody .= "{$LANG09['5']}: {$type}\n";
    }
    if ($_CONF['emailstorieslength'] > 0) {
        if ($_CONF['emailstorieslength'] > 1) {
            $comment = MBYTE_substr($comment, 0, $_CONF['emailstorieslength']) . '...';
        }
        $mailbody .= $comment . "\n\n";
    }
    $mailbody .= $LANG08[33] . ' <' . $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $cid . ">\n\n";
    $mailbody .= "\n------------------------------\n";
    $mailbody .= "\n{$LANG08['34']}\n";
    $mailbody .= "\n------------------------------\n";
    $mailsubject = $_CONF['site_name'] . ' ' . $LANG03[27];
    if (COM_mail($_CONF['site_mail'], $mailsubject, $mailbody)) {
        $msg = 27;
        // message sent
    } else {
        $msg = 85;
        // problem sending the email
    }
    COM_updateSpeedlimit('mail');
    return COM_refresh($_CONF['site_url'] . "/index.php?msg={$msg}");
}
示例#11
0
/**
* Send report about abusive comment
*
* @param    string  $cid    comment id
* @param    string  $type   type of comment ('article', 'poll', ...)
* @return   string          Meta refresh or HTML for error message
*
*/
function CMT_sendReport($cid, $type)
{
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG08, $LANG09, $LANG_LOGIN;
    if (COM_isAnonUser()) {
        $retval = COM_siteHeader('menu', $LANG_LOGIN[1]);
        $retval .= SEC_loginRequiredForm();
        $retval .= COM_siteFooter();
        return $retval;
    }
    COM_clearSpeedlimit($_CONF['speedlimit'], 'mail');
    if (COM_checkSpeedlimit('mail') > 0) {
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }
    $username = DB_getItem($_TABLES['users'], 'username', "uid = {$_USER['uid']}");
    $result = DB_query("SELECT uid,title,comment,sid,ipaddress FROM {$_TABLES['comments']} WHERE cid = " . (int) $cid . " AND type = '" . DB_escapeString($type) . "'");
    $A = DB_fetchArray($result);
    $title = $A['title'];
    $comment = $A['comment'];
    // strip HTML if posted in HTML mode
    if (preg_match('/<.*>/', $comment) != 0) {
        $comment = strip_tags($comment);
    }
    $author = COM_getDisplayName($A['uid']);
    if ($A['uid'] <= 1 && !empty($A['ipaddress'])) {
        // add IP address for anonymous posters
        $author .= ' (' . $A['ipaddress'] . ')';
    }
    $mailbody = sprintf($LANG03[26], $username);
    $mailbody .= "\n\n" . "{$LANG03['16']}: {$title}\n" . "{$LANG03['5']}: {$author}\n";
    if ($type != 'article' && $type != 'poll') {
        $mailbody .= "{$LANG09['5']}: {$type}\n";
    }
    if ($_CONF['emailstorieslength'] > 0) {
        if ($_CONF['emailstorieslength'] > 1) {
            $comment = MBYTE_substr($comment, 0, $_CONF['emailstorieslength']) . '...';
        }
        $mailbody .= $comment . "\n\n";
    }
    $mailbody .= $LANG08[33] . ' <' . $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $cid . ">\n\n";
    $mailbody .= "\n------------------------------\n";
    $mailbody .= "\n{$LANG08['34']}\n";
    $mailbody .= "\n------------------------------\n";
    $mailsubject = $_CONF['site_name'] . ' ' . $LANG03[27];
    $to = array();
    $to = COM_formatEmailAddress('', $_CONF['site_mail']);
    COM_mail($to, $mailsubject, $mailbody);
    COM_updateSpeedlimit('mail');
    return COM_refresh($_CONF['site_url'] . '/index.php?msg=27');
}
示例#12
0
function board_edit_forum_save($id)
{
    global $_CONF, $_TABLES, $_USER, $_FF_CONF, $LANG_GF93;
    $retval = false;
    $statusText = array();
    $numErrors = 0;
    $category = isset($_POST['category']) ? COM_applyFilter($_POST['category'], true) : 0;
    $forum_order_id = isset($_POST['order']) ? COM_applyFilter($_POST['order'], true) : 0;
    $name = isset($_POST['name']) ? $_POST['name'] : '';
    $dscp = isset($_POST['dscp']) ? $_POST['dscp'] : '';
    $is_readonly = isset($_POST['is_readonly']) ? COM_applyFilter($_POST['is_readonly'], true) : 0;
    $is_hidden = isset($_POST['is_hidden']) ? COM_applyFilter($_POST['is_hidden'], true) : 0;
    $no_newposts = isset($_POST['no_newposts']) ? COM_applyFilter($_POST['no_newposts'], true) : 0;
    $privgroup = isset($_POST['privgroup']) ? COM_applyFilter($_POST['privgroup'], true) : 0;
    if ($privgroup == 0) {
        $privgroup = 2;
    }
    $attachmentgroup = COM_applyFilter($_POST['attachmentgroup'], true);
    if ($attachmentgroup == 0) {
        $privgroup = 1;
    }
    // data validation
    if (empty($name)) {
        $statusText[] = $LANG_GF93['name_blank'];
        $numErrors++;
    }
    if (MBYTE_strlen($name) > 70) {
        $name = MBYTE_substr($name, 0, 70);
    }
    if (empty($dscp)) {
        $statusText[] = $LANG_GF93['desc_blank'];
        $numErrors++;
    }
    if ($numErrors == 0) {
        if ($forum_order_id == 0) {
            $forum_order = 0;
        } else {
            $forum_order = DB_getItem($_TABLES['ff_forums'], 'forum_order', 'forum_id=' . (int) $forum_order_id);
        }
        $order = $forum_order++;
        $name = _ff_preparefordb($name, 'text');
        $dscp = _ff_preparefordb($dscp, 'text');
        $sql = "UPDATE {$_TABLES['ff_forums']} SET forum_name='" . DB_escapeString($name) . "',forum_order=" . (int) $order . ",forum_dscp='" . DB_escapeString($dscp) . "', grp_id=" . (int) $privgroup . ", ";
        $sql .= "is_hidden='" . DB_escapeString($is_hidden) . "', is_readonly='" . DB_escapeString($is_readonly) . "', no_newposts='" . DB_escapeString($no_newposts) . "',use_attachment_grpid=" . (int) $attachmentgroup . ",forum_cat=" . (int) $category . " ";
        $sql .= "WHERE forum_id=" . (int) $id;
        DB_query($sql);
        reorderForums($category);
        $retval = true;
        $statusText[] = $LANG_GF93['forumedited'];
    }
    return array($retval, $statusText);
}
示例#13
0
 public function testMBYTE_substrWhenLengthNotNull()
 {
     $this->assertEquals('ch', MBYTE_substr('Ten chars.', 4, 2));
 }
示例#14
0
 public function testMBYTE_substrWhenLengthNotNull()
 {
     $this->markTestSkipped();
     $this->assertEquals('nd', MBYTE_substr(utf8_encode('Användare'), 4, 2));
 }
示例#15
0
/**
* This function will allow plugins to support the use of custom autolinks
* in other site content. Plugins can now use this API when saving content
* and have the content checked for any autolinks before saving.
* The autolink would be like:  [story:20040101093000103 here]
*
* @param   string   $content   Content that should be parsed for autolinks
* @param   string   $plugin    Optional if you only want to parse using a specific plugin
*
*/
function PLG_replaceTags($content, $plugin = '')
{
    global $_CONF, $_TABLES, $LANG32;
    if (isset($_CONF['disable_autolinks']) && $_CONF['disable_autolinks'] == 1) {
        // autolinks are disabled - return $content unchanged
        return $content;
    }
    $autolinkModules = PLG_collectTags();
    // For each supported module, scan the content looking for any AutoLink tags
    $tags = array();
    $contentlen = MBYTE_strlen($content);
    $content_lower = MBYTE_strtolower($content);
    foreach ($autolinkModules as $moduletag => $module) {
        $autotag_prefix = '[' . $moduletag . ':';
        $offset = 0;
        $prev_offset = 0;
        while ($offset < $contentlen) {
            $start_pos = MBYTE_strpos($content_lower, $autotag_prefix, $offset);
            if ($start_pos === false) {
                break;
            } else {
                $end_pos = MBYTE_strpos($content_lower, ']', $start_pos);
                $next_tag = MBYTE_strpos($content_lower, '[', $start_pos + 1);
                if ($end_pos > $start_pos and ($next_tag === false or $end_pos < $next_tag)) {
                    $taglength = $end_pos - $start_pos + 1;
                    $tag = MBYTE_substr($content, $start_pos, $taglength);
                    $parms = explode(' ', $tag);
                    // Extra test to see if autotag was entered with a space
                    // after the module name
                    if (MBYTE_substr($parms[0], -1) == ':') {
                        $startpos = MBYTE_strlen($parms[0]) + MBYTE_strlen($parms[1]) + 2;
                        $label = str_replace(']', '', MBYTE_substr($tag, $startpos));
                        $tagid = $parms[1];
                    } else {
                        $label = str_replace(']', '', MBYTE_substr($tag, MBYTE_strlen($parms[0]) + 1));
                        $parms = explode(':', $parms[0]);
                        if (count($parms) > 2) {
                            // whoops, there was a ':' in the tag id ...
                            array_shift($parms);
                            $tagid = implode(':', $parms);
                        } else {
                            $tagid = $parms[1];
                        }
                    }
                    $newtag = array('module' => $module, 'tag' => $moduletag, 'tagstr' => $tag, 'startpos' => $start_pos, 'length' => $taglength, 'parm1' => str_replace(']', '', $tagid), 'parm2' => $label);
                    $tags[] = $newtag;
                } else {
                    // Error: tags do not match - return with no changes
                    return $content . $LANG32[32];
                }
                $prev_offset = $offset;
                $offset = $end_pos;
            }
        }
    }
    // If we have found 1 or more AutoLink tag
    if (count($tags) > 0) {
        // Found the [tag] - Now process them all
        foreach ($tags as $autotag) {
            $function = 'plugin_autotags_' . $autotag['module'];
            if ($autotag['module'] == 'geeklog' and (empty($plugin) or $plugin == 'geeklog')) {
                $url = '';
                $linktext = $autotag['parm2'];
                if ($autotag['tag'] == 'story') {
                    $autotag['parm1'] = COM_applyFilter($autotag['parm1']);
                    if (!empty($autotag['parm1'])) {
                        $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $autotag['parm1']);
                        if (empty($linktext)) {
                            $linktext = stripslashes(DB_getItem($_TABLES['stories'], 'title', "sid = '{$autotag['parm1']}'"));
                        }
                    }
                }
                if (!empty($url)) {
                    $filelink = COM_createLink($linktext, $url);
                    $content = str_replace($autotag['tagstr'], $filelink, $content);
                }
            } elseif (function_exists($function) and (empty($plugin) or $plugin == $autotag['module'])) {
                $content = $function('parse', $content, $autotag);
            }
        }
    }
    return $content;
}
示例#16
0
/**
* This function will allow plugins to support the use of custom autolinks
* in other site content. Plugins can now use this API when saving content
* and have the content checked for any autolinks before saving.
* The autolink would be like:  [story:20040101093000103 here]
*
* @param   string   $content   Content that should be parsed for autolinks
* @param   string   $plugin    Optional if you only want to parse using a specific plugin
* @param   string   $remove    Optional if you want to remove the autotag from the content
*
*/
function PLG_replaceTags($content, $plugin = '', $remove = false)
{
    global $_CONF, $_TABLES, $LANG32;
    if (isset($_CONF['disable_autolinks']) && $_CONF['disable_autolinks'] == 1) {
        // autolinks are disabled - return $content unchanged
        return $content;
    }
    if ($remove) {
        $autolinkModules = PLG_collectTags('nopermission');
        if (!is_array($autolinkModules)) {
            // a permission check may not return any data so no point parsing content
            return $content;
        }
    } else {
        $autolinkModules = PLG_collectTags();
    }
    for ($i = 1; $i <= 5; $i++) {
        // For each supported module, scan the content looking for any AutoLink tags
        $tags = array();
        $contentlen = MBYTE_strlen($content);
        $content_lower = MBYTE_strtolower($content);
        foreach ($autolinkModules as $moduletag => $module) {
            $autotag_prefix = '[' . $moduletag . ':';
            $offset = 0;
            $prev_offset = 0;
            while ($offset < $contentlen) {
                $start_pos = MBYTE_strpos($content_lower, $autotag_prefix, $offset);
                if ($start_pos === false) {
                    break;
                } else {
                    $end_pos = MBYTE_strpos($content_lower, ']', $start_pos);
                    $next_tag = MBYTE_strpos($content_lower, '[', $start_pos + 1);
                    if ($end_pos > $start_pos and ($next_tag === false or $end_pos < $next_tag)) {
                        $taglength = $end_pos - $start_pos + 1;
                        $tag = MBYTE_substr($content, $start_pos, $taglength);
                        $parms = explode(' ', $tag);
                        // Extra test to see if autotag was entered with a space
                        // after the module name
                        if (MBYTE_substr($parms[0], -1) == ':') {
                            $startpos = MBYTE_strlen($parms[0]) + MBYTE_strlen($parms[1]) + 2;
                            $label = str_replace(']', '', MBYTE_substr($tag, $startpos));
                            $tagid = $parms[1];
                        } else {
                            $label = str_replace(']', '', MBYTE_substr($tag, MBYTE_strlen($parms[0]) + 1));
                            $parms = explode(':', $parms[0]);
                            if (count($parms) > 2) {
                                // whoops, there was a ':' in the tag id ...
                                array_shift($parms);
                                $tagid = implode(':', $parms);
                            } else {
                                $tagid = $parms[1];
                            }
                        }
                        $newtag = array('module' => $module, 'tag' => $moduletag, 'tagstr' => $tag, 'startpos' => $start_pos, 'length' => $taglength, 'parm1' => str_replace(']', '', $tagid), 'parm2' => $label);
                        $tags[] = $newtag;
                    } else {
                        // Error: tags do not match - return with no changes
                        return $content . $LANG32[32];
                    }
                    $prev_offset = $offset;
                    $offset = $end_pos;
                }
            }
        }
        // If we have found 1 or more AutoLink tag
        if (count($tags) > 0) {
            // Found the [tag] - Now process them all
            foreach ($tags as $autotag) {
                if ($remove) {
                    $content = str_replace($autotag['tagstr'], '', $content);
                } else {
                    $function = 'plugin_autotags_' . $autotag['module'];
                    if (function_exists($function) and (empty($plugin) or $plugin == $autotag['module'])) {
                        $content = $function('parse', $content, $autotag);
                    }
                }
            }
        } else {
            break;
        }
    }
    return $content;
}
示例#17
0
/**
* Send report about abusive comment
*
* @param    string  $cid    comment id
* @param    string  $type   type of comment ('article', 'poll', ...)
* @return   string          Meta refresh or HTML for error message
*
*/
function CMT_sendReport($cid, $type)
{
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG08, $LANG_LOGIN;
    if (empty($_USER['username'])) {
        $retval = COM_siteHeader('menu', $LANG_LOGIN[1]);
        $retval .= COM_startBlock($LANG_LOGIN[1], '', COM_getBlockTemplate('_msg_block', 'header'));
        $loginreq = new Template($_CONF['path_layout'] . 'submit');
        $loginreq->set_file('loginreq', 'submitloginrequired.thtml');
        $loginreq->set_var('xhtml', XHTML);
        $loginreq->set_var('login_message', $LANG_LOGIN[2]);
        $loginreq->set_var('site_url', $_CONF['site_url']);
        $loginreq->set_var('lang_login', $LANG_LOGIN[3]);
        $loginreq->set_var('lang_newuser', $LANG_LOGIN[4]);
        $loginreq->parse('errormsg', 'loginreq');
        $retval .= $loginreq->finish($loginreq->get_var('errormsg'));
        $retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        $retval .= COM_siteFooter();
        return $retval;
    }
    COM_clearSpeedlimit($_CONF['speedlimit'], 'mail');
    if (COM_checkSpeedlimit('mail') > 0) {
        return COM_refresh($_CONF['site_url'] . '/index.php');
    }
    $username = DB_getItem($_TABLES['users'], 'username', "uid = {$_USER['uid']}");
    $result = DB_query("SELECT uid,title,comment,sid,ipaddress FROM {$_TABLES['comments']} WHERE cid = {$cid} AND type = '{$type}'");
    $A = DB_fetchArray($result);
    $title = stripslashes($A['title']);
    $comment = stripslashes($A['comment']);
    // strip HTML if posted in HTML mode
    if (preg_match('/<.*>/', $comment) != 0) {
        $comment = strip_tags($comment);
    }
    $author = COM_getDisplayName($A['uid']);
    if ($A['uid'] <= 1 && !empty($A['ipaddress'])) {
        // add IP address for anonymous posters
        $author .= ' (' . $A['ipaddress'] . ')';
    }
    $mailbody = sprintf($LANG03[26], $username);
    $mailbody .= "\n\n" . "{$LANG03['16']}: {$title}\n" . "{$LANG03['5']}: {$author}\n";
    if ($type != 'article' && $type != 'poll') {
        $mailbody .= "{$LANG09['5']}: {$type}\n";
    }
    if ($_CONF['emailstorieslength'] > 0) {
        if ($_CONF['emailstorieslength'] > 1) {
            $comment = MBYTE_substr($comment, 0, $_CONF['emailstorieslength']) . '...';
        }
        $mailbody .= $comment . "\n\n";
    }
    $mailbody .= $LANG08[33] . ' <' . $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $cid . ">\n\n";
    $mailbody .= "\n------------------------------\n";
    $mailbody .= "\n{$LANG08['34']}\n";
    $mailbody .= "\n------------------------------\n";
    $mailsubject = $_CONF['site_name'] . ' ' . $LANG03[27];
    if (COM_mail($_CONF['site_mail'], $mailsubject, $mailbody)) {
        $msg = 27;
        // message sent
    } else {
        $msg = 85;
        // problem sending the email
    }
    COM_updateSpeedlimit('mail');
    return COM_refresh($_CONF['site_url'] . "/index.php?msg={$msg}");
}
示例#18
0
 private static function _unescapeSpecialTag($in, $tags)
 {
     $inlower = MBYTE_strtolower($in);
     $start_pos = MBYTE_strpos($inlower, $tags[0]);
     if ($start_pos === false) {
         return $in;
     }
     $buffer = $in;
     $out = '';
     while ($start_pos !== false) {
         // Copy in to start to out
         $out .= MBYTE_substr($buffer, 0, $start_pos);
         // Find end
         $end_pos = MBYTE_strpos($inlower, $tags[1]);
         if ($end_pos !== false) {
             // Encode body and append to out
             $encoded = html_entity_decode(MBYTE_substr($buffer, $start_pos, $end_pos - $start_pos));
             $out .= $encoded . $tags[1];
             $len_end = strlen($tags[1]);
             // Nibble in
             $inlower = MBYTE_substr($inlower, $end_pos + $len_end);
             $buffer = MBYTE_substr($buffer, $end_pos + $len_end);
         } else {
             // missing end
             $len_start = strlen($tags[0]);
             // Treat the remainder as code, but this should have been
             // checked prior to calling:
             $out .= html_entity_decode(MBYTE_substr($buffer, $start_pos + $len_start));
             $inlower = '';
         }
         $start_pos = MBYTE_strpos($inlower, $tags[0]);
     }
     // Append remainder:
     if ($buffer != '') {
         $out .= $buffer;
     }
     return $out;
 }
示例#19
0
/**
* Truncate a feed item's text to a given max. length of characters
*
* @param    string  $text       the item's text
* @param    int     $length     max. length
* @return   string              truncated text
*
*/
function SYND_truncateSummary($text, $length)
{
    if ($length == 0) {
        return '';
    } else {
        $text = stripslashes($text);
        $text = trim($text);
        $text = str_replace(array("\r\n", "\r"), "\n", $text);
        if ($length > 3 && MBYTE_strlen($text) > $length) {
            $text = MBYTE_substr($text, 0, $length - 3) . '...';
        }
        // Check if we broke an html tag and storytext is now something
        // like "blah blah <a href= ...". Delete "<*" if so.
        if (MBYTE_strrpos($text, '<') > MBYTE_strrpos($text, '>')) {
            $text = MBYTE_substr($text, 0, MBYTE_strrpos($text, '<')) . ' ...';
        }
        return $text;
    }
}